‘It’s easier now to steal online than from shops’, cybersecurity conference hears

It took just five minutes for Edward Skrba and Christopher Galicki to hack a password from the stage in the Cork Opera House at the international FutureSec gathering.

Speaking before the alarming demo, Mr Skrba, the white hat hacker, said his job allows him to “play the bad guy without the consequences”.

“Cybersecurity has blown up,” he said.

“It’s easier now to steal online than to steal stuff from shops.”

Mr Skrba manages the penetration testing division of the Cork-founded cybersecurity multinational SmartTech 247.

A web developer by trade, he joined the company after a friend started the testing division and together they have grown it from two to 20 employees.

And he said that the industry is expanding all the time.

“I’d definitely advise young people to get into cybersecurity and AI,” Mr Skrba said.

“If you work in IT it’s the next level of knowledge. And the money’s better,” he said with a grin.

"And we have creative freedom. When you work in web development you’re always working to specifications.

But we’re always searching for something new. That’s what really drives me in cybersecurity — finding new hacks to software that’s 20 years old.

Mr Skrba hacked the wireless network from the stage at FutureSec to show how vulnerable these networks can be.

“A wireless network is like a gateway to the company,” he said.

“Then you can attack the financial manager, change account numbers on the company’s system so that it transfers money to different accounts without knowing.

“Everyone can be hacked and people are the weakest link in cybersecurity.

“Even a really great guy, in a company with good security, can get an email from someone claiming to be the CEO at 5pm and send them money or data.

“I manage a team of hackers, we test networks and apps by simulating the environment of a hack. Then we see what we can access from one computer.”

However, illegal hackers looking to become legitbeware: All SmartTech247 employees have to have squeaky clean criminal records.

His advice for companies concerned about cyber threats is to build up multiple layers of defence.

“First, have good security hygiene and awareness at your company,” he said.

You can have the best cybersecurity in the world but if someone leaves their passwords at the desk then the systems can still be hacked.

“Then invest in good antivirus software, actively monitor security so if there’s a breach you can catch it, and have a penetration testing assessment to find any vulnerabilities before a hacker does.

“And watch out.”